Cisco Finesse vulnerabilities

CVE-2015-0754 [HIGH] CWE-20 CVE-2015-0754: Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a d Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810.

CVE-2015-0714 [MEDIUM] CWE-79 CVE-2015-0714: Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.